Author: carnil Date: 2016-01-21 19:37:49 +0000 (Thu, 21 Jan 2016) New Revision: 39062
Modified: data/CVE/list Log: Add two privoxy issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-01-21 18:51:03 UTC (rev 39061) +++ data/CVE/list 2016-01-21 19:37:49 UTC (rev 39062) @@ -1,3 +1,15 @@ +CVE-2016-XXXX [Remove empty Host headers in client requests; resulting in invalid reads] + - privoxy <unfixed> + NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.302&r2=1.303 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/21/4 + NOTE: Fixed in 3.0.24 + TODO: check versions +CVE-2016-XXXX [Prevent invalid reads in case of corrupt chunk-encoded content] + - privoxy <unfixed> + NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/filters.c?r1=1.196&r2=1.197 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/21/4 + NOTE: Fixed in 3.0.24 + TODO: check versions CVE-2016-1926 RESERVED CVE-2016-1921 _______________________________________________ Secure-testing-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
